Senior Cloud Security Engineer (Automation & Tooling) at Engine by Starling

At Engine by Starling, we prioritize security as a vital component of our engineering practice. As a Senior Cloud Security Engineer, you will play a critical role in shaping the security architecture of our multi-tenant core banking platform. Your responsibilities will include writing code, automating security defenses, and ensuring our infrastructure across AWS and GCP is secure by design and compliant by default.Your MissionIn this dynamic role, you will lead initiatives to strengthen both our infrastructure and application platforms. You'll tackle complex security challenges through code, focusing on three key areas:Identity & Network Security: Develop robust IAM controls and implement zero-trust network architectures. You will refine edge-defense strategies ensuring every request is validated and encrypted.Unified Vulnerability Orchestration: Create a custom dashboard for security data by engineering API integrations between scanning tools, dependency trackers, and internal portals to establish a streamlined, automated vulnerability ecosystem.Compliance as Code: Align technical execution with regulatory requirements. Build automated systems that deliver real-time evidence for compliance frameworks such as SOC 2, ISO 27001 & PCI, reducing manual overhead.Your TeamYou will be a vital member of our expanding Security Engineering team, collaborating closely with our Infrastructure, Cross-Cutting, Information Security, and GRC teams. At Engine, we believe security should be integral to every technical process, not an afterthought. You will work collaboratively with engineers across the organization to create a resilient platform against evolving threats.About YouWe are seeking experienced Cloud Security Engineers, but we also welcome talented Software Engineers with strong programming skills who are eager to apply their expertise to security challenges. Engine engineers are driven by impact and high-quality outcomes, irrespective of their original tech stack. Whether you are a security specialist or a developer with a

Join the dynamic Engineering team at Engine by Starling, where we prioritize security as a fundamental engineering discipline rather than a mere checkbox exercise. As a Cloud Security Engineer, you will play a pivotal role in shaping the security architecture of our multi-tenant core banking platform. Your responsibilities will include writing code, automating security measures, and ensuring that our infrastructure across AWS and GCP is secure by design and compliant by default.Your MissionIn this multifaceted role, you will lead initiatives to strengthen both our infrastructure and application platforms. Your primary focus will be on solving intricate security challenges through code, emphasizing three key areas:Identity & Network Security: Develop robust IAM controls and zero-trust network architectures. You will enhance our edge-defense strategies and trust redirection to ensure that every request is authenticated and encrypted.Unified Vulnerability Orchestration: Create a custom dashboard for security data. You will engineer API integrations between scanning engines, dependency trackers, and internal portals to establish a cohesive, automated vulnerability management ecosystem.Compliance as Code: Bridge the gap between technical execution and regulatory compliance. You will develop automated systems that provide real-time evidence for compliance frameworks such as SOC 2, ISO 27001, and PCI, minimizing manual oversight.About the TeamYou will be an integral member of our expanding Security Engineering team, collaborating closely with our Infrastructure, Cross-Cutting, Information Security, and GRC teams. At Engine, we believe that security should be woven into every technical process, not treated as an afterthought. You will engage with engineers across the organization to create a resilient platform that can adapt to evolving threats.Who You AreWe are primarily seeking experienced Cloud Security Engineers, but we also welcome talented Software Engineers with strong programming skills who are eager to tackle security challenges.Engine engineers are driven by the impact of their work and the delivery of high-quality solutions, regardless of their original tech stack. Whether you are a security specialist or a developer with a security-first mindset, your role within the team will be shaped by your unique strengths and interests.Your ResponsibilitiesInstead of performing manual compliance checks, you will develop systems that automate this process.Security as Code: Design and maintain custom security tools in Go to automate evidence collection for SOC 2, ISO 27001, and the remediation of security alerts.

Join Starling Bank, the UK's pioneering digital bank, on a transformative mission to revolutionize banking! We harness technology to empower individuals to save, spend, and manage their finances more effectively.As a fully licensed bank in the UK, we embody the innovative spirit and agility of a tech company. Our approach is fairer, simpler, and designed to demystify money for everyone. With over 3,000 employees across London, Southampton, Cardiff, and Manchester, we foster a vibrant work culture.At Starling, our technologists play a crucial role in shaping our future, thriving in a dynamic environment focused on building and innovating cutting-edge fintech solutions. We embrace a flat organizational structure that encourages decision-making and collaboration across all levels. Our open culture ensures that support is readily available from your team and the wider business, promoting collective success!To excel at Starling, you should be self-motivated and take full ownership of your work. This includes everything from developing new solutions to sharing knowledge and enhancing processes for optimal customer outcomes. Our values—Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness—are central to our mission.Hybrid WorkingWe offer a hybrid work model. While we encourage team interactions in the office, we prefer candidates to be within a commutable distance to one of our locations.Our Engineering EnvironmentStarling engineers are driven by the desire to deliver exceptional features. We welcome engineers of all experience levels who are passionate about coding and customer service. Our team is diverse and thrives on tackling various challenges together to transform banking for the better.As a Cloud Security Engineer at Starling, you will develop and maintain tooling and infrastructure across AWS and GCP, supporting internal operations and collaborating with various teams to deliver essential services for our business.

Engine by Starling is a pioneering cloud-native SaaS platform developed by Starling Bank, the UK's first and leading digital bank. We empower over 4.6 million customers and small businesses with intuitive financial tools that help them manage their money efficiently and effectively. Our mission is to spread this innovative approach to banking globally.As a cloud-native solution, Engine offers a robust platform that supports banks, building societies, and credit unions around the globe. We enable our partners to leverage advanced digital features and streamlined back-office processes that have contributed to Starling's remarkable success.At Engine, we embrace five core principles: listen, keep it simple, do the right thing, own it, and aim for greatness. Since our inception in 2022, we have rapidly grown, adopting an agile mindset that fosters innovation and adaptability. We cultivate an environment where our team members and partners can collaborate openly, take ownership, and drive projects forward.Hybrid Working EnvironmentOur headquarters are located in London, with additional offices in Manchester, Cardiff, and Southampton, as well as international locations in Dublin, Sydney, Dubai, Toronto, and New York. We prefer that our team members are within a reasonable commuting distance from one of our UK offices to facilitate in-person collaboration.Role OverviewAs the Business Information Security Officer (BISO), you will be instrumental in defining our security objectives and practices, leading the ongoing enhancement of our Information Security capabilities, and managing a dedicated Information Security Team. You will act as the primary liaison between Engine and Starling Bank’s Information Security teams, addressing all security-related inquiries from clients and auditors.We seek a curious and adaptable information security professional with strong leadership abilities who enjoys a collaborative and dynamic work environment. If you are passionate about problem-solving and engaging with diverse stakeholders, we would love to hear from you.

Join Engine by Starling, where we are dedicated to partnering with top-tier banks worldwide to fuel their ambitions for rapid business growth through our cutting-edge technology.As a software-as-a-service (SaaS) division of Starling Bank, Engine was established to provide the innovative technology that has powered Starling's remarkable success. Our platform is now available for banks and financial institutions globally, allowing them to leverage advanced digital features and streamlined back-office processes.At Engine, we foster a collaborative environment where every team member contributes to delivering exceptional results for our clients. We are engineering-focused and seek passionate individuals eager to harness Engine’s technology to revolutionize banking across various markets. Our work is driven by five core values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.Hybrid Working ModelWe embrace a Hybrid working model at Engine, preferring that team members reside within a commutable distance from our offices to facilitate in-person collaboration.About Engineering at Engine by Starling - https://www.enginebystarling.com/We are actively seeking iOS Engineers to enhance the Engine Platform, ensuring our features cater to banks worldwide while also developing new functionalities that have yet to launch in the UK market.Engine by Starling engineers are enthusiastic about contributing to the rollout of new features, regardless of their primary technology stack. Learn more about our team through the case studies below, including our collaboration with Women In Tech.

Starling Bank stands as the UK’s pioneering digital bank, dedicated to transforming the banking experience for over 4 million customers across the nation. With a vibrant team of more than 3,000 professionals based in our UK offices, we are committed to leveraging technology to empower individuals to save, spend, and manage their finances in revolutionary ways. Introducing... Engine by Starling.Engine by Starling, our software-as-a-service (SaaS) platform, originated from the technology that powers Starling Bank, and has since evolved into a separate entity. Our mission is to collaborate with ambitious banks globally to help them build rapidly growing businesses utilizing our innovative technology.This SaaS technology platform offers banks and financial institutions worldwide access to cutting-edge digital features and streamlined back-office processes, contributing to Starling's remarkable success.At Engine by Starling, we place our technologists at the core of our operations, fostering a dynamic environment focused on innovation, creativity, and disruptive technology that keeps us at the forefront of the fintech landscape. We embrace a flat organizational structure that empowers you to make impactful decisions, regardless of your primary role. Collaboration and support are embedded in our open culture, ensuring that you are never alone in your endeavors.Thriving at Engine requires a self-motivated individual with a strong sense of ownership, whether you're building, designing, or sharing knowledge with your colleagues. Our commitment to efficiency and productivity is paramount to delivering exceptional results for our customers, guided by our core values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.Hybrid WorkingWe adopt a Hybrid working model, ideally situated within a reasonable commuting distance from our London office to facilitate in-person collaboration.About the RoleAs a Solution Architect (SA), you will utilize your expertise in Engine's technology and architecture to articulate the Engine product, identify client requirements, and contribute to the design of tailored solutions.Your involvement will span both the sales and delivery phases of projects, as well as ongoing client success, working alongside teams from Technology, Delivery, Product, Client Success, and Business Development.We are looking for a proactive individual capable of thriving in a fast-paced environment, ready to engage with clients and deliver outstanding technological solutions.

At Engine by Starling, we are dedicated to collaborating with premier banks globally that aspire to develop rapidly growing businesses using our cutting-edge technology.Engine represents Starling's software-as-a-service (SaaS) division, crafted to power Starling Bank, and has operated as an independent business for the past two years.Starling Bank has achieved remarkable growth and success, largely attributed to our development of modern technology from the ground up. Our SaaS platform is now accessible to banks and financial institutions worldwide, allowing them to leverage innovative digital features and efficient back-office processes that have contributed to Starling's success.As a company, we encourage everyone to actively contribute towards delivering exceptional outcomes for our clients. We are an engineering-driven organization seeking an individual who is enthusiastic about the potential of Engine's technology to revolutionize banking across diverse markets globally.Hybrid WorkingOur Hybrid working model is designed to promote collaboration and interaction, with a preference for candidates located within a commutable distance from our offices.About the RoleThe Engine Platform is a highly adaptable core banking solution that supports clients worldwide. In this role, you will focus on the development and execution of our core platform's technical strategy, encompassing integrations, connections, configurations, and internal tools that facilitate the platform's growth while enabling our clients to connect with local providers seamlessly.As a Technical Platform Owner at Engine, you will work closely with various teams across technology, collaborating with our engineering and product teams to ensure our technology platform fulfills the requirements of our clients and partner engineers. You will also align the platform with the company's overall technical strategy and long-term objectives, ensuring a smooth integration process with Engine.At Engine, we take pride in creating products we believe in. We emphasize user experience, often delivering polished solutions while remaining flexible enough to make strategic moves when necessary. We believe that excelling in product development requires clear communication, focused efforts, and a willingness to challenge conventional practices. We're open-minded in our hiring approach, valuing skills and attitude over specific experiences or qualifications.

Join us at Engine by Starling, where we collaborate with top-tier banks globally to revolutionize banking through our cutting-edge technology.Engine operates as Starling's software-as-a-service (SaaS) division, initially designed to fuel Starling's growth. Two years ago, we transitioned into an independent entity, enabling banks and financial institutions worldwide to leverage our innovative platform.Starling Bank has experienced remarkable success, largely due to our proprietary technology, which enhances digital features and streamlines back-office operations. As a team, we embrace a hands-on approach, striving for outstanding results for our clients. We are driven by values such as Listening, Simplicity, Integrity, Ownership, and Striving for Excellence.Hybrid Work EnvironmentWe promote a hybrid work model at Engine, encouraging team members to work within a commutable distance from our office to foster collaboration and interaction.About Engineering at Engine by StarlingWe seek talented Backend Software Engineers to enhance our Engine Platform by developing new extensions and integrations for our card processing system, ensuring it stands out for banks worldwide.Our engineers are passionate about delivering innovative features, regardless of their primary tech stack. Discover more about our team through our day-to-day insights and initiatives with Women In Tech.

Join Zaizi as a National Security Cloud Engineer, where you will leverage your expertise in automating software delivery pipelines within expansive systems that utilize open-source technologies. At Zaizi, we are passionate about tackling intricate challenges through innovative thinking and cutting-edge technologies.Our workplace is characterized by an inclusive, modern, and collaborative culture, fostering creativity and innovation. We are in search of enthusiastic and solution-oriented individuals who thrive in dynamic environments. If you are eager to challenge yourself and contribute to a forward-thinking team, we would love to hear from you!

Join Wiz, a pioneering force in cloud security, as a Cloud Security Research Engineer. In this pivotal role within our Product team, you will be instrumental in fortifying our customers' cloud infrastructures against cyber threats. Your innovations will not only enhance our security offerings but also contribute significantly to customer success and the advancement of cloud security technologies.

Who are we?At Ki Insurance, we are at the forefront of innovation in the insurance industry. We're not just insuring everyday things; we're insuring space shuttles, global tours, wind farms, and even the legs of footballers!Our mission is clear: to digitally disrupt and revolutionize a market that has been around for 335 years. In collaboration with Google and UCL, we've developed a platform that leverages algorithms, machine learning, and large language models, allowing insurance brokers to receive quotes in seconds instead of days.Ki proudly stands as the largest global algorithmic insurance carrier and has rapidly become the fastest-growing syndicate in the Lloyd's of London market, achieving an impressive $100 million in profit within just three years.Our teams come from diverse backgrounds and collaborate in an agile, cross-functional manner to create the best customer experience possible. With ambitious goals ahead, we’re looking for brilliant minds to challenge the status quo and help us reach new heights.Where do you fit in?As a Senior Cloud Security Engineer, you will closely collaborate with engineering teams across Cloud Services, Infrastructure, and Product teams to integrate risk-aware technical security controls into our services, products, and development workflows.Your responsibilities will include designing, implementing, and managing robust security measures across our cloud platforms. You will work in tandem with cross-functional teams to devise security strategies, automate security processes, and proactively detect and address potential threats. This position will also involve developing cloud-native security tools, automating our processes, and leveraging infrastructure as code.Moreover, this role will utilize AI to responsibly build automation and agentic AI workflows, enhancing productivity while ensuring data protection and appropriate security controls are upheld.What will you be doing? Cloud Security Architecture & Design:Design and implement security architectures for cloud systems, including GCP, Azure, AWS, or hybrid environments.Develop secure cloud architectures for AI/LLM workloads and AI-enabled services, focusing on isolation patterns, secure networking, and hardened runtime configurations.Ensure security configurations and infrastructure are reproducible through infrastructure-as-code (IaC), specification-driven development (SDD), and automated deployment pipelines.Automate cloud security processes utilizing agentic AI tools.Implement robust security measures across our cloud platforms.Provide insights and suggestions for improvements on Ki's current architecture.Security Governance & Policy:Establish and enforce security policies, standards, and guidelines for cloud services.Ensure compliance with regulatory requirements such as ISO 27001, SOC 2, SOX ITGC, NIST, GDPR, and others.Conduct security assessments and audits to identify vulnerabilities and remediate them accordingly.

At Engine by Starling, we are dedicated to partnering with top-tier banks globally, empowering them to rapidly build growth-focused businesses using our innovative technology. Our software-as-a-service (SaaS) offering is the engine that powers Starling Bank and is now accessible to financial institutions worldwide.Our design team is the heartbeat of Engine, operating within a flat structure that fosters decision-making autonomy. We prioritize innovation and collaboration in everything we undertake. To succeed in this role, you must be a motivated self-starter who takes full ownership—from crafting brand strategy to producing high-quality assets that support our sales teams and satisfy our clients.Hybrid Work EnvironmentWe embrace a hybrid work approach at Engine, with a preference for candidates located within a commutable distance to our offices to facilitate in-person collaboration.Role OverviewWe are in search of a hands-on Lead Designer who operates at the intersection of design, creativity, and branding. You will serve as the architect of Engine’s visual identity while ensuring our value proposition is communicated effectively to a global audience. Your role will involve delivering consistent, high-quality assets across various platforms, including presentations, social media, digital channels, and print materials.You will manage multiple interconnected workstreams, establishing scalable design processes and identifying new opportunities for design to expand its impact. As a seasoned problem solver, you will align diverse teams around shared objectives and champion the significance of design at the executive level.Your ResponsibilitiesDeliver high-quality design assets consistently, including presentations, social media content, digital, and print materials.Shape Engine’s brand identity by refining our 'purpose, position, personality, perception, and promotion.'Drive marketing excellence through a well-defined suite of assets that enhance lead generation and elevate global brand awareness.Empower our business development efforts by creating impactful sales materials, including brochures, presentations, demos, prototypes, and visualizations that enable our teams to attract top-tier clients.Influence strategic planning by collaborating with stakeholders and technical leads to assess the broader impacts of design decisions.Scale design operations by owning and advancing the design system, establishing standards and governance that align design with the company's objectives.Mentor and advocate for design excellence within the team, nurturing the next generation of design talent while promoting design capabilities to both internal and external stakeholders.

Join Flohealth as a Cloud Security Engineer, where you will play a pivotal role in safeguarding our cloud environments. Your expertise in cloud security principles and practices will be fundamental in developing and implementing robust security measures.In this role, you'll collaborate with cross-functional teams to assess and enhance our security posture, ensuring compliance with industry standards. Your contributions will directly impact the security and integrity of our data and services.

Starling Bank brings together over 3,000 professionals across London, Southampton, Cardiff, and Manchester to deliver digital banking services in the UK. The company is known for combining technology-driven solutions with the reliability expected from a fully licensed bank. Its culture centers on values such as Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Role overview The Director of Information Security leads the Office of the CISO and reports directly to the Chief Information Security Officer. This position manages a team of Information Security analysts and plays a key role in shaping and strengthening Starling Bank's security capabilities and governance. This role is designed for a seasoned information security leader who has experience building teams and driving continuous improvement. It offers a path for those considering future advancement to a CISO role. Main responsibilities Oversee the Information Security Policy Framework, ensuring alignment with the needs of Starling Group and its stakeholders, and maintaining compliance with legislation and industry standards. Develop and maintain standards for implementing security controls and procedures. Collaborate with external organizations and regulatory bodies to enhance Starling’s security posture. Location This position is based in London, England, United Kingdom.

Ebury empowers ambitious businesses to unlock global growth, and we extend the same philosophy to our team members. We promote innovation, collaboration, and problem-solving, creating an inclusive environment where everyone feels valued, supported, and empowered to thrive.If you are a collaborative individual eager to transform how businesses operate on a global scale, we invite you to connect with us. Discover how Ebury can fast-track your career and help you shape the future.Senior Security Engineer - Cloud InfrastructureHybrid (4 days in office) in LondonEbury is making significant investments in its cloud infrastructure security to ensure the integrity and safety of our global financial services. As a Senior Security Engineer specializing in Cloud Infrastructure, you will be responsible for enhancing and managing the security posture of our cloud environments across AWS and GCP, focusing on network security, perimeter defense, and attack surface management.This hands-on position requires extensive expertise in cloud-native security controls, network architecture, and proactive defensive security operations. You will design, implement, and maintain security infrastructure that identifies and mitigates threats before they affect our operations. Collaborating closely with platform, infrastructure, and security operations teams, you will embed security best practices into our cloud foundations.Key ResponsibilitiesManage cloud security posture and attack surface: Ensure comprehensive visibility and control across AWS and GCP environments. Implement cloud-native security monitoring, detection, and alerting mechanisms to proactively identify and mitigate threats, establishing and enforcing security baselines through policy-as-code.Design and oversee web application firewall infrastructure: Maintain WAF configurations across AWS and GCP, creating and fine-tuning detection rules in line with application threat models and emerging attack patterns. Develop operational processes for rule management and incident response integration, collaborating with application teams to implement protections without disrupting availability.Architect network segmentation and isolation: Design and implement strategies ensuring proper separation between development, staging, and production environments. Define consistent patterns across multi-cloud infrastructure, apply zero-trust principles to workload communication, and document reference architectures for engineering teams.

ABOUT AvolutionJoin Avolution, a prestigious global leader in Enterprise Architecture Software with over 20 years of experience. Our established presence spans across London, Sydney, Northern Virginia, and Singapore, and we are recognized in the Gartner Magic Quadrant as an industry frontrunner. Become part of our intelligent, friendly team, where your skills and initiative will drive our growth while enjoying a culture rated as collegial, collaborative, flexible, and supportive by our employees.Key ResponsibilitiesCloud & Infrastructure SecurityDesign, manage, and enhance security configurations across Azure and AWS environments, ensuring seamless integration with Office 365.Implement and enforce industry best practices for identity and access management (IAM) in Azure AD (Entra ID) and AWS IAM.Monitor cloud workloads for vulnerabilities, misconfigurations, and threats utilizing tools such as Microsoft Defender.Collaborate with DevOps/Engineering teams to embed security controls into CI/CD pipelines, advocating for DevSecOps principles.Conduct thorough security assessments, including aiding in penetration testing and risk evaluations to identify and mitigate potential vulnerabilities.Endpoint & Identity SecurityEnhance device posture, compliance, and management utilizing Microsoft Intune and Defender for Endpoint.Develop and maintain solid conditional access, multi-factor authentication (MFA), and endpoint protection policies.Oversee secure identity lifecycle processes, enforcing least-privilege access and zero-trust principles.Security OperationsRespond promptly to security alerts, incidents, and vulnerabilities with thorough investigations and remediation actions.Perform regular risk assessments, security reviews, and internal audits.Manage and optimize security tools, including SIEM, EDR, vulnerability scanners, and the Microsoft Defender suite.Lead incident response efforts and coordinate with cross-functional teams.Compliance & GovernanceSupport ISO 27001:2022 recertification and ongoing compliance activities, including internal audits.Prepare for and assist in obtaining additional compliance certifications (e.g., SOC 2, GDPR) to facilitate company growth.Develop, maintain, and enhance security policies, procedures, and technical documentation.Track, report on, and address audit findings or compliance gaps.Collaboration & CulturePartner with globally distributed teams across EMEA, AMER, and APAC regions.Educate internal teams on security best practices and cultivate a security-first culture through training and awareness initiatives.

Abound is changing how consumer lending works in the UK and beyond. By combining advanced AI with Open Banking data, the company looks at a person’s complete financial situation, not just a credit score, to make lending decisions that are fairer and more accurate. Since launch, Abound has issued over £1.3bn in loans, with a credit performance that outpaces industry averages. The company became profitable within 2.5 years and has backing from major investors, including Citi and Deutsche Bank. With over £2bn in funding, Abound is recognized as one of Europe’s fastest-growing fintechs. Role overview This Senior Security Engineer position is based in London and sits within the Platform team. The role blends DevSecOps responsibilities, serving as a bridge between product engineering and Corporate IT. As a hands-on contributor, the Senior Security Engineer critically reviews security architecture across both production and internal IT environments. During the first 6 to 12 months, the focus will be on designing and implementing next-generation cloud security architecture in AWS and GCP. The role also involves building and maturing internal SOC capabilities, particularly around detection and response. What you will do Manage Microsoft Sentinel to strengthen SIEM/SOAR capabilities Automate RBAC for identity and access management across AWS, Microsoft Entra, and internal systems Embed security controls into GitLab CI/CD pipelines, including scanning, infrastructure-as-code reviews, and automated policy enforcement Support a shift-left approach by integrating security throughout the software development lifecycle Technology stack Cloud & Compute: AWS, ECS Fargate, Aurora, Lambda, GCP Data Lake: S3, DMS, Glue Security & Identity: Microsoft Defender (XDR), Microsoft Sentinel (SIEM/SOAR), Defender for Cloud (CSPM), Microsoft 365, Entra, Intune Cloud Security Tooling: GuardDuty, Security Hub, Inspector, Security Command Center Code & Infrastructure: Terraform, GitLab CI/CD

About Starling Bank Starling Bank is a digital bank based in London, focused on providing a fairer and more human alternative to traditional banking. The team combines advanced technology with a commitment to integrity and fairness. With a branchless and mainly paperless approach, Starling emphasizes responsible banking, sustainability, and inclusivity. The company’s five core values, Listen, Keep It Simple, Do The Right Thing, Own It, and Aim for Greatness, guide both strategy and culture. Role Overview: Employee Relations Partner The Employee Relations Partner plays a key role in supporting Starling’s people and leaders. This position provides expert Employee Relations support, helping managers navigate complex casework and ensuring that all actions align with company policies and legal requirements. Location London, England, United Kingdom

Lead Principal Security EngineerLocation: London (Hybrid) | Practice Area: Technology & Engineering | Type: PermanentShape the future of digital finance by spearheading cutting-edge cybersecurity initiativesThe RoleAs a Lead Principal Security Engineer at Capco, you will spearhead the design, implementation, and integration of comprehensive security frameworks across both cloud and on-premise environments. Your primary responsibility will be to collaborate with engineering and client teams to integrate security best practices throughout the Software Development Life Cycle (SDLC), while enhancing our capabilities in vulnerability management, compliance, and secure architecture.What You’ll DoLead enterprise-wide security initiatives utilizing SAST, DAST, SCA, and container scanning tools such as CheckmarxOne and Prisma Cloud.Design and implement secure cloud infrastructures, endpoint protection measures, and data encryption strategies.Champion secure-by-design principles and integrate security tools into CI/CD pipelines.Conduct comprehensive security audits, vulnerability assessments, and threat analyses across all systems.Mentor engineering teams on secure development practices and help build Capco’s internal security knowledge repository.What We’re Looking ForExtensive experience in application and cloud security across AWS, Azure, or GCP.Proven proficiency in integrating SAST, DAST, SCA, and container scanning solutions.In-depth knowledge of data protection methodologies, including encryption and data masking techniques.Familiarity with industry standards and frameworks such as ISO 27001, NIST, and OWASP.Programming skills in languages such as Python, Java, or Go.Bonus Points ForRelevant certifications, including CISSP, CSSLP, or cloud-specific security credentials.Experience in mentoring security engineers or contributing to RFPs and thought leadership initiatives.Exposure to secure DevOps (DevSecOps) practices and compliance frameworks.Experience with tools like Prisma Cloud, CheckmarxOne, or their equivalents.Exceptional stakeholder engagement and communication skills.

Join Us in Shaping the Future of Cyber Security.At Quantexa, we believe in the power of innovation and continuous improvement. Our mission is to forge meaningful relationships with our clients and drive impactful change across various industries. With a diverse workforce comprising over 50 nationalities and 20 languages spoken, we foster an inclusive environment where every voice matters. Here, you will find the autonomy and support needed to craft a career that aligns with your aspirations.The Role.We are seeking a proactive and technically skilled Cyber Security Engineer to join our Security Operations team. In this hands-on role, you will be instrumental in safeguarding Quantexa's digital assets. Your responsibilities will include the operational management, optimization, and monitoring of essential security platforms, focusing on Zscaler, cloud monitoring via Wiz, and endpoint detection and response through CrowdStrike.Collaborating closely with the broader Security Operations team, you will ensure that security alerts, findings, and detections are efficiently triaged, validated, documented, and remediated. Your contributions will directly enhance Quantexa's security posture by minimizing risk, bolstering detection capabilities, and ensuring timely responses to security incidents.This position is ideal for a curious and detail-oriented professional who thrives on working with cutting-edge security tools, embraces disciplined execution, and seeks opportunities for ongoing improvement.Your Responsibilities.Wiz (Cloud Security Posture Management)Daily monitoring and triaging of Wiz findings, validating alerts and assessing operational impact.Engaging in tuning and threat hunting within Wiz and other security tools.Identifying misconfigurations, excessive permissions, and exposed assets while escalating issues as necessary.Tracking remediation progress with engineering teams and ensuring the resolution of high-priority issues.Zscaler (Web Security Tunnel 2.0)Reviewing and triaging Zscaler alerts and policy violations according to documented response procedures.Investigating suspicious traffic, access attempts, and user activity to determine legitimacy.